Security Alert For security reasons, a UserData store is available only in the same directory and with the same protocol used to persist the store.

Security Alert Using this behavior incorrectly can compromise the security of your application. Data in a UserData store is not encrypted and therefore not secure. Any application that has access to the drive where UserData is saved has access to the data. Therefore, it is recommended that you not persist sensitive data like credit card numbers. For more information, see
Security Considerations: DHTML and Default Behaviors.

The
userData behavior persists information across sessions by writing to a UserData store. This provides a data structure that is more dynamic and has a greater capacity than cookies. The capacity of the UserData store depends on the security zone of the domain. The following table shows the maximum amount of UserData storage that is available for an individual document and also the total available for an entire domain, based on the security zone.

The
userData behavior persists data across sessions, using one UserData store for each object. The UserData store is persisted in the cache using the
save and
load methods. Once the UserData store has been saved, it can be reloaded even if
the document
has been closed and reopened.

Setting the
userData behavior class on the
html,
head,
title, or
style object causes an error when the
save or
load method is called.

The required
style can be set inline or in the document header, as follows: